VDB
CVE-2026-28683
CVE-2026-28683
PUBLISHED
CVSS 8.699999809265137 HIGH
Gokapi has Stored XSS in SVG Hotlinks
EPSS 0.01% · 1.5th percentile
Risk Scores
CVSS v3.1
8.699999809265137
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS Score
0.01%
1.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Forceu | Gokapi | < 2.2.3, < 2.2.3 |
| github.com | forceu/gokapi | 0, 0 |
| forceu | gokapi | 0, 0 |
Timeline
- Mar 5, 2026 CVE Published
- Mar 6, 2026 CVE Updated
- Mar 6, 2026 EPSS Score
- Mar 6, 2026 PoC Published
- Mar 6, 2026 PoC Published
- Mar 6, 2026 PoC Published
- Mar 7, 2026 EPSS Score
- Mar 8, 2026 EPSS Score
- Mar 10, 2026 EPSS Score
- Mar 10, 2026 Security Advisory
- Mar 11, 2026 EPSS Score
- Mar 12, 2026 EPSS Score